[Apiman-user] CORS

Fadi Abdin fadiabdeen at gmail.com
Tue Aug 18 10:48:17 EDT 2015 

I'm still working on it :( .. i had to give the network guys few ip
addresses to whitelist so i can mvn install .. ... almost there.

On Tue, Aug 18, 2015 at 9:46 AM, Marc Savy <marc.savy at redhat.com> wrote:

> My pleasure! Did it work?
>
> On 17/08/2015 16:38, Fadi Abdin wrote:
>
>> cool .. you're the man ;)
>>
>>
>> On Mon, Aug 17, 2015 at 11:37 AM, Marc Savy <marc.savy at redhat.com
>> <mailto:marc.savy at redhat.com>> wrote:
>>
>>     I'm actually testing the fix right now. It will land both on the 1.2.x
>>     branch and the 1.1.x branch shortly. You should be able to test it out
>>     in a short while: I'll send you an email when it's available.
>>
>>     On 17/08/2015 16:23, Fadi Abdin wrote:
>>
>>         Thank you Marc,
>>         Is there a work around that you can think of ?
>>         I'm doing it with angularjs  , very simple
>>
>>         $http({method: 'GET', url: 'http://server/apiman-gateway/service
>> ',
>>         headers: {
>>               'Authorization': 'Bearer XXXXXXXXXXXXX'}
>>         });
>>
>>         I assume you will fix it in the new version , right?
>>
>>
>>
>>         On Mon, Aug 17, 2015 at 10:52 AM, Marc Savy
>>         <marc.savy at redhat.com <mailto:marc.savy at redhat.com>
>>         <mailto:marc.savy at redhat.com <mailto:marc.savy at redhat.com>>>
>> wrote:
>>
>>              Hi,
>>
>>              This is related to the JIRA I linked you to
>>              (https://issues.jboss.org/browse/APIMAN-516). Because of
>>         the way the
>>              policy chain currently works the behaviour of CORS is
>>         invalid in a
>>              few very specific cases (e.g. when you stack it with an auth
>>              policy). I'll let you know when it's fixed.
>>
>>              Regards,
>>              Marc
>>
>>              On 17/08/2015 15:44, Fadi Abdin wrote:
>>
>>                  I have a problem in calling a service in apiman-gateway
>>         with the
>>                  Authorization: Bearer <token> in the header.
>>
>>                  It seems to preflight OPTIONS and return
>>
>>                    1.
>>                       X-Policy-Failure-Message:
>>                       OAuth2 'Authorization' header or 'access_token'
>> query
>>                  parameter must
>>                       be provided.
>>
>>                  I am sending the bearer token with the request and i
>>         make sure
>>                  in the
>>                  preflight its sent in the request.
>>
>>                    1.
>>                       Access-Control-Request-Headers:
>>                       accept, authorization
>>
>>                  Does anyone know if there Is something i'm missing ?
>>         do i need
>>                  to get
>>                  authorization enabled or added anywhere ? as a side
>>         note i have
>>                  below in
>>                  my api as well:
>>
>>                  response.setHeader("Access-Control-Allow-Headers",
>>         "Authorization");
>>
>>
>>                  _______________________________________________
>>                  Apiman-user mailing list
>>         Apiman-user at lists.jboss.org <mailto:Apiman-user at lists.jboss.org>
>>         <mailto:Apiman-user at lists.jboss.org
>>         <mailto:Apiman-user at lists.jboss.org>>
>>         https://lists.jboss.org/mailman/listinfo/apiman-user
>>
>>
>>
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/apiman-user/attachments/20150818/0aafd30d/attachment-0001.html

More information about the Apiman-user mailing list